Re: [pca] sunsolve broke again?

2009-10-27 Thread Martin Paul

Bliss, Kevin L wrote:

I am having problems with patch downloads again, is it down again?
As much as it is failing, perhaps the better question is it up yet!


I see some failures to download the xref file in the proxy's logfile 
from yesterday, but today all downloads worked fine here.


Martin.



Re: [pca] PCA features: Check if SST(aka JASS) is installed on the system to analyze.

2009-10-27 Thread Martin Paul

Hi Michele,


echo  * Package SUNWjass is installed.  Be prepared to audit your *
echo  *  JASS settings after patching and possibly re-apply JASS. *


It's probably fine to do such things in a wrapper, like other local 
checks, or advice from the senior to the junior administrators.


The fact that SUNWjass is installed doesn't have to mean that it is 
used, and the more informational output a tool creates the less it is 
read, I guess. It's probably common sense to run any hardening tools 
again after a system modification (like a patch install). I don't think 
that a patch should modify a system in a way that makes it more unsecure 
than it was before by changing some settings, and I can't remember any 
such issue ..


Thanks for the feedback, anyway.

Martin.



Re: [pca] PCA features: Check if SST(aka JASS) is installed on the system to analyze.

2009-10-27 Thread Glen Gunselman
Martin,

It's my understanding that the patching process ignores SST hardening.

I have seen patching undo hardening on Solaris 9.

As far as configuration files go - doesn't the --safe option address that issue?



Glen Gunselman
Systems Software Specialist
TCS
Emporia State University

 Martin Paul mar...@par.univie.ac.at 10/27/2009 10:18 AM 
Hi Michele,

 echo  * Package SUNWjass is installed.  Be prepared to audit your *
 echo  *  JASS settings after patching and possibly re-apply JASS. *

It's probably fine to do such things in a wrapper, like other local 
checks, or advice from the senior to the junior administrators.

The fact that SUNWjass is installed doesn't have to mean that it is 
used, and the more informational output a tool creates the less it is 
read, I guess. It's probably common sense to run any hardening tools 
again after a system modification (like a patch install). I don't think 
that a patch should modify a system in a way that makes it more unsecure 
than it was before by changing some settings, and I can't remember any 
such issue ..

Thanks for the feedback, anyway.

Martin.
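
A local wrapper check of the kind discussed in this thread, as an added example that is not code from pca, SST/JASS or any poster: it snapshots mode, owner, group and checksum of a watched file list before and after the patch command, and prints the SUNWjass reminder only when something actually changed. The watched file list, the function names and the script name are assumptions.

```shell
#!/bin/sh
# Added example: local wrapper logic, not part of pca or SST/JASS.
# Assumed list of hardened files to watch; adjust to what your hardening run touches.
AUDIT_FILES=${AUDIT_FILES:-"/etc/default/login /etc/inet/inetd.conf /etc/system"}

# True if the SUNWjass package is installed (pkginfo -q is silent, exit status only).
jass_installed() {
    pkginfo -q SUNWjass 2>/dev/null
}

# snapshot FILE...: one line per file: path, mode, owner, group, checksum.
snapshot() {
    for f in "$@"; do
        if [ -f "$f" ]; then
            meta=$(ls -ld "$f" | awk '{print $1, $3, $4}')
            sum=$(cksum < "$f" | awk '{print $1}')
            printf '%s %s %s\n' "$f" "$meta" "$sum"
        else
            printf '%s MISSING\n' "$f"
        fi
    done
}

# changed_files BEFORE AFTER: paths whose line in AFTER does not appear in BEFORE.
changed_files() {
    awk 'FILENAME == ARGV[1] { seen[$0] = 1; next }
         !($0 in seen)       { print $1 }' "$1" "$2"
}

# patch_with_audit CMD...: run the patch command, then report changed files.
patch_with_audit() {
    before=$(mktemp) && after=$(mktemp) || return 1
    snapshot $AUDIT_FILES > "$before"
    rc=0; "$@" || rc=$?
    snapshot $AUDIT_FILES > "$after"
    changed=$(changed_files "$before" "$after")
    rm -f "$before" "$after"
    if [ -n "$changed" ]; then
        echo "* Watched files changed during patching:"
        echo "$changed"
        if jass_installed; then
            echo "* Package SUNWjass is installed. Audit your JASS settings"
            echo "* and possibly re-apply JASS."
        fi
    fi
    return $rc
}

# Example invocation (script name is hypothetical): sh patch-audit.sh pca --safe -i
if [ $# -gt 0 ]; then patch_with_audit "$@"; fi
```

The wrapper returns the exit status of the patch command itself, so existing automation that checks that status keeps working.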





[pca] patchdiag vs pca

2009-10-27 Thread Baldwin Sung
We are looking to standardize on a patch management tool. The two 
tools we are working with are patchdiag and pca. Does anybody know if 
patchdiag is officially supported by Sun?




Re: [pca] sunsolve broke again?

2009-10-27 Thread Bliss, Kevin L
I was getting timeouts, consistently with wget/pca and frequently from the web 
page.  It started working later in the day.

From: pca-boun...@lists.univie.ac.at [mailto:pca-boun...@lists.univie.ac.at] On 
Behalf Of Don O'Malley
Sent: Tuesday, October 27, 2009 8:04 AM
To: PCA (Patch Check Advanced) Discussion
Subject: Re: [pca] sunsolve broke again?

Hi Kevin,

All should be working on SunSolve.

If you are having issues, can you please post output of the failing patch 
download attempt so that I can look into it further.

Thanks!
-Don

Bliss, Kevin L wrote:
I am having problems with patch downloads again, is it down again?  As much as 
it is failing, perhaps the better question is it up yet!

Kevin Bliss
Con-way Enterprise Services
Never Settle for Less
503 450-6124 (v)
971 678-0402 (c)
bliss.ke...@con-way.com
Telecommute - Every Tuesday
Please use the link for service requests: http://servicerequest.con-way.com